Method and apparatus for internet traffic monitoring by third parties using monitoring implements

ABSTRACT

Disclosed is an internet traffic monitoring method that includes a network service provider analyzing an HTTP transaction involving an internet user client. The network service provider responds to the HTTP transaction by forwarding, to the internet user client, an interstitial web page including a monitoring implement. After forwarding the interstitial web page to the internet user client, the network service provider forwards web content, originally associated with the HTTP transaction, to the internet user client.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of U.S. Provisional Application No. 60/928,281, having an assigned filing date of Jul. 13, 2007, which application is incorporated herein by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to internet traffic monitoring, and more particularly, to a method for using monitoring implements to encompass a wide range of internet traffic.

2. Description of the Prior Art and Related Information

Many Web sites are financially supported by online advertising. Some Web sites sell their own advertisements (ads) and many use, for at least a portion of their advertising inventory, third party ad sales companies known commonly as Advertising Networks (AN). For ease of reference, both types (those who sell their own ads and those who use third party ad sales companies) will be referred herein as ANs. The profitability of many Web sites is chiefly driven by the success, or failure, of the AN at selling the Web sites' ad inventory at the highest possible rate.

Run of Network (RON) advertisements are served indiscriminately to all Internet users who visit Web sites. These RON advertisements tend to earn much lower amounts per ad shown than their more targeted counterparts. This targeting can include location, user interests and other profile data.

To increase the value of the ad inventory, ANs generally use Web bugs and Cookies to track individual users and make it possible to target individual ads. A Web bug may be a small (typically 1×1 pixel) transparent GIF image (or other image of the same color as the background) that is embedded in an HTML page, such as a Web page. When a Web page is opened, the Web bug image is downloaded from the server storing it, allowing for monitoring of the Web page's viewing or usage. A Web bug may also use the HTML, iframe, style, script, input link, embed, object or other tags to track usage.

When an Internet user navigates to a Web page that has ad inventory under AN management, the AN serves a Web bug. While a Web bug on an individual page has limited utility, ANs that have relationships with large numbers of Web sites can serve their Web bugs on many Web sites. By cross-referencing the traffic from multiple Web sites, the AN can begin profiling the Internet user and provide higher value advertising that is more highly targeted to the individual Internet user's interest. Therefore, a primary concern or goal for many AN is to increase the distribution of their Web bug to as many sites as possible.

Further investigation showed that ANs have largely been left out of the value cycle created by search engines. Search engines are able to derive important profile information from their users'Internet searches. They then monetize this profile information by showing ads that match this profile. For example, someone searching for a hybrid automobile on a search engine could see ads for Toyota Prius® vehicles instead of a relatively low-value RON advertisement. Without the ability to place their Web bug on major search engine sites, AN are unable to tap this valuable profile information.

Finally, the Network Service Providers (NSP), such as ISPs, corporations, educational institutions, municipal wireless networks, etc., are not able to monetize their users' valuable profile information. While they may know the location of their users, they are unable to easily provide this information to AN. Moreover, many NSPs do not profile their users' traffic and thus are not able to provide this information to AN.

Attempts to bridge the gap between AN and NSPs have typically fallen into two categories: 1) Swapping out RON ads with more targeted ads, or 2) modifying Web requests made to AN to include additional profile information that will enable the AN to serve more targeted advertisements. Both approaches require the use of a device, such as a proxy server, or its equivalent, to modify the HTTP request to enable the switching of the original Web requests to AN. Moreover, both approaches require some sort of monitoring of the NSP's user traffic. Two major problems of these approaches are that they require extensive NSP monitoring and, perhaps even more difficult, require detailed technical interaction between NSPs and AN.

Internet Traffic Measurement (ITM) companies face a different challenge. Companies such as Nielsen Net Ratings have client-side monitoring software installed on thousands of computers so that they can derive statistics that can be applied to the Internet populace in general in order to understand global trends. Other ITM companies, such as Hitwise, have devices installed at central points on the Internet in order to gather data for the development of trend information. Such solutions use the data to find broad trends rather than individual behavioral data about Internet users and thus are unable to provide specific criteria for the placement of targeted content and advertising. Other ITM companies have other approaches, but use relatively small samples to represent the much larger Internet population.

There is, therefore, a need for a method and apparatus which enables AN or ITM companies to more easily monitor Web traffic generated by users surfing on the Internet via NSPs and to effectively communicate this data to the ANs. The present invention provides the methods and apparatuses to meet these needs.

SUMMARY OF THE INVENTION

The present invention may be embodied in an internet traffic monitoring method that includes a network service provider analyzing an HTTP transaction involving an internet user client. The network service provider responds to the HTTP transaction by forwarding, to the internet user client, an interstitial web page including at least one request monitoring implement. After forwarding the interstitial web page to the internet user client, the network service provider forwards the web content, originally associated with the HTTP transaction, to the internet user client.

In more detailed features of the invention, the HTTP transaction may involve a web content request that may include search terms directed to an internet search engine, and the monitoring implement may cause the internet user client to forward the search terms to an associated advertisement selection service. Further, the interstitial web page may include at least two monitoring implements which each may be associated with a separate advertisement selection service. The monitoring implements may include multiple web bugs (or cookies). Each web bug may be referenced with a URL having embedded parameters related to the user associated with the internet user client.

In other more detailed features of the invention, an advertisement selection service may select targeted advertising web content for presentation by the internet user client based on at least one parameter from a monitoring implement of the network service provider, and based on at least one parameter from a monitoring implement of another network service provider.

The present invention also may be embodied in an internet traffic monitoring system for a network service provider. The system may have means for performing the method steps. Alternatively, the present invention may be embodied in computer program product having computer readable medium including code for causing a computer to perform the method steps.

Additionally, the present invention may be embodied in an internet traffic monitoring method that includes a network service provider analyzing a web content request from an internet user client. The network service provider intercepts the requested web content, and customizes the requested web content. The customized web content includes the requested web content which has been modified by the network service provider to include at least one monitoring implement. The network service provider forwards the customized web content to the internet user client.

BRIEF DESCRIPTION OF THE DRAWINGS

The aforementioned advantages of the present invention as well as additional advantages thereof will be more clearly understood hereinafter as a result of a detailed description of a preferred embodiment of the invention when taken in conjunction with the following drawings in which:

FIG. 1 depicts a flowchart illustrating the process of inserting web bugs or other tracking tools, in accordance with the present invention.

FIG. 2 depicts an exemplary network system, in which the present invention can function.

FIG. 3 depicts an exemplary user database for the present invention.

FIG. 4 depicts an exemplary Web page database for the present invention.

FIG. 5 depicts an exemplary inserted Web page created by the present invention.

FIG. 6 depicts an exemplary Web bug database.

FIG. 7 depicts exemplary HTML code to insert Web bugs.

FIG. 8 depicts a flowchart illustrating an embodiment of an internet traffic monitoring method, according to the present invention.

FIG. 9 depicts a flowchart illustrating another embodiment of an internet traffic monitoring method, according to the present invention.

DETAILED DESCRIPTION

To address the shortcomings of the prior art, the present invention provides a new method for Advertising Networks (AN) and Internet Traffic Measurement (ITM) companies to receive user web traffic data from Network Service Providers (NSPs). Web bugs may be used by AN and ITM companies to track the Web traffic activity of all the users from given NSPs rather than just small subsets. Many ANs use a series of channels and each web bug is the indicator that one or more criteria used in targeting advertising has been observed. Therefore, an advantageous function of the internet traffic monitoring technique of the invention may be to convert raw behavior into a series of single web bug transactions.

The present invention enables NSPs to create and insert and/or modify web pages with AN and ITM Web bugs into their users' Web surfing sessions. The invention is placed on the NSP's network so that it can intercept an HTTP transaction, such as a Web page request, made by a user and either replace it with a customized Web page that includes Web bugs from participating AN and ITM companies, or modify the content of the web request to insert the necessary Web bugs from the participating AN and ITM companies. These modifications or replacements may be made to any objects including HTML, javascript, flash, images, audio, video or other media that are commonly served using the HTTP protocol. The originally requested Web page is then shown. In its simplest form, the customized Web page only provides the Web bugs with URL data from the originally requested Web page. In a more complex installation, it also modifies the URL, cookie, post, or query string, to include location and other information that the NSP knows about the user. In all cases, the inserted Web page is transparent to the user. The HTTP transaction may be intercepted during the request or response for the best effect.

The invention enables a NSP to elect to have only a portion of its users eligible for Web bug insertion. The NSP could, for example, opt to have only users accessing the Internet for free or at a discounted price be eligible for the Web bug insertion. The user database would then be updated per the grouping selected by the NSP.

After a user makes a Web page request, and the database shows that the user is eligible for Web bug insertion, then the Web page database is referenced to ascertain whether the requested web page is eligible for Web bugs. By only inserting Web bugs on certain pages, the NSP can minimize any induced latency caused by the insertion process. For example, a NSP could opt to only serve customized Web pages with Web bugs when the originally requested Web page was for a search engine.

If the user is eligible and the Web page is eligible, then the invention references the user database again to see if location data or other user attributes are known. If they are, then the customized Web page URL appends these parameters to the URL in order to transmit the information to the AN and ITMs via their respective Web bugs.

The inserted Web page then forwards the user to the originally requested Web page. This inserted page is invisible to the user and should only induce nominal latency before the originally requested page is shown. The process will repeat itself for each Web page request that the user makes.

Also note that other companies could utilize their Web bugs in much the same fashion as the AN and ITM companies. For example, media companies could use Web bugs to determine what content would be of most interest to surfers who visit their Web sites.

The present invention relates generally to creating and inserting a web page with web bugs into the stream of web pages viewed by web users so that advertising networks and other third parties can extend the use and utility of their traffic monitoring tools to encompass a much wider range of web traffic.

FIG. 1 depicts a flowchart illustrating the process 100 of inserting Web bugs or other tracking tools, in accordance with the present invention. In describing FIG. 1, it is assumed that: 1) The Internet user is connected to the Internet through a Network Service Provider (as shown in FIG. 2) that utilizes the invention; and 2) One or more advertising networks (AN), traffic measurement servers, or other servers utilizing web bugs or other tracking tools (as shown in FIG. 2, 240.1-241) are participating.

In FIG. 1 the Internet user (which can be any one of the users shown in FIG. 2, 211.1 212.N) first establishes an Internet connection through a Network Service Provider (as shown in FIG. 2, 220.1 and 220.2). At step 110, the Internet user (which can be using any one of the users 211.1-212.N) submits a HTTP (Web site) request.

At step 120, the application checks fields 310 and 320 in database 300, shown in FIG. 3, to see if the user is participating in the tracking. If the user is not participating, the user goes to step 170, and is served the originally requested Web page. If the user is participating in the Web bug insertion, then the user is moved to step 130. Note that steps 120, 130 and 140 can be conducted in alternative order. Also note that a simplified version of the invention can skip any of the steps 120-140 and simply serve interstitial pages with any available location parameters to all users on all pages.

At step 130, the application checks fields 410 and 420 in database 400 to ascertain if the Web page requested in step 110 is a participating Web location. If it is, the user is moved to step 140. If it is not, the user is moved to step 170 and is served the originally requested Web page from step 110.

At step 140, the application checks fields 310 and 330 in database 300 to ascertain if a location parameter is known for the user. If it is, the user is moved to step 160. If it is not, the user is moved to step 150.

At step 150, the application inserts a Web page with Web bugs from participating Advertising Networks and Traffic Measurement Companies (FIG. 2, 240.1-241). The user is then moved to step 170.

At step 160, the application inserts a Web page with Web bugs from participating Advertising Networks and Traffic Measurement Companies (FIG. 2, 240.1-241). These Web bugs are modified to include the known location parameter found in FIG. 3, field 330. The user is then moved to step 170.

At step 170, the Web page originally requested by the user in step 110 (or step 180, if this is a subsequent iteration) is served. At step 180, if the user requests another Web page, the user is sent to step 120. If the user does not request another Web page, the session ends (step 190).

At step 190, the user is no longer requesting Web pages and there is no more interaction with the invention.

This flow chart could be modified so that the Web Bugs are inserted directly on the Requested Web Page. In this case, Steps 150 and 160 could be skipped and the Web bugs could be inserted directly onto the originally requested Web page. In such cases, user location and other attribute information would not be transmitted via the Web bugs. Alternatively, a framed Web page could be created with the Web bug inserted into one frame (which could be invisible to the user) and the originally requested Web page content in the other frame.

FIG. 2 depicts a block diagram illustrating an exemplary network 200, which includes one or more Internet users connected to the Internet via network service providers. The web site traffic of these users is monitored by one or more advertising networks and one or more traffic measurement companies via the present invention.

As shown in FIG. 2, the network 200 includes users 211.1-212.N, one or more Network Service Providers 220.1-220.2, the Internet 230, and one or more advertising networks and Traffic Measurement Companies 240.1-241.

FIG. 3 depicts an exemplary user database 300 located at a Network Service Provider (or, alternatively, it can be located off-site on a separate network) (which can be any one of the Network Service Providers 220.1-220.2) for storing user identification and participation information, in accordance with the present invention. Use of this database is optional, as noted in the description of FIG. 1.

The participant database 300 (which runs on a computer system as shown in FIG. 2 has four fields: 1) a Subscriber or User field, 310, containing the username (some NSPs could use this field for the user's IP address, Media Access Control—MAC address, or Global Unique Identifier—GUID, instead of a username); 2) a Participation field, 320, detailing whether the user is participating in the tracking; 3) a Location field, 330 containing the subscriber's location; and 4) an Attribute field, 340, that provides other known user information. The example shown in FIG. 3 uses the Attribute field to inform Advertising Networks and Traffic Measurement Companies (FIG. 2 240.1-241) that the User (FIG. 2, 211.1-212.N) is using wifi to connect to the Internet. Many attribute fields could be used, or none at all, depending upon the implementation of the invention.

FIG. 4 depicts an exemplary Web page database 400 located at a Network Service Provider (or, alternatively, it can be located off-site on a separate network) (which can be any one of the Network Service Providers 220.1-220.2) for storing Web site participation information, in accordance with the present invention. Use of this database is optional, as noted in the description of FIG. 1.

The Web page database 400 (which runs on a computer system as shown in FIG. 2) has two fields: 1) a Web Page field, 410, containing the Web page name; and 2) an Eligibility field, 420, detailing whether the web page is eligible for insert.

FIG. 5 depicts a block diagram illustrating an exemplary inserted Web page 500, which includes Web bugs from one or more AN or ITM companies. As shown in FIG. 5, the inserted Web page 500 includes the Web bugs (FIG. 6, field 610) from one or more AN and ITM companies (FIG. 5, 520.1-521.N). As noted before, the Web bugs could be alternatively inserted directly onto the originally requested Web page or into a frame.

FIG. 6 depicts an exemplary user database 600 located at a NSP (or, alternatively, it can be located off-site on a separate network) (which can be any one of the NSPs 220.1-220.2) for storing the Web bug URL location information for participating AN and ITM companies, in accordance with the present invention. The Web bug location database 600 (which runs on a computer system) has one field: 1) a Web Bug Location field, 610, containing the URL of the Web bug.

FIG. 7 depicts exemplary HTML code for inserting Web bugs onto either an inserted Web page 700 or directly onto the originally requested Web page via a HTML modification format 705. If the NSP opts to insert a Web page with Web bugs, it would follow the steps outlined in FIG. 7 from 710-750. Some of the steps could be taken in a different order than that which is shown below without impacting the overall functionality.

At step 710, the HTML code would begin. At steps 720-722, various Web page elements would be created. At steps 730-734, various Web bugs would be placed on the inserted Web page. At step 735, additional Web page code would be run. At step 740, the originally requested URL would be called and the inserted Web page would disappear. At step 750, the HTML would end.

If the NSP opts to modify the originally requested Web page, either by inserting Web bugs directly into the Web page or by inserting a frame, it would follow steps 760-790. At step 760, the HTML code would begin. At step 770, HTML from the originally requested Web page would be run. At step 771, HTML various Web page elements would be created. At steps 780-784, Web bugs would be inserted onto the originally requested URL by appending this additional HTML code to the originally requested HTML code (step 770). At step 785, further HTML would be inserted as needed to facilitate the Web bug insertion process. At step 790, the HTML would end.

A specific embodiment of the present invention, shown in FIG. 8, may be embodied in an internet traffic monitoring method 800 including a network service provider 220.1-220.2 analyzing a an HTTP transaction, such as a web content request, involving an internet user client 211.1-212.N (step 810), such as a computer having a web browser. The network service provider responds to the HTTP transaction by forwarding, to the internet user client, an interstitial web page 510 including at least one monitoring implement, 520.1-520.N and 521.1-521.N (step 820). At least two monitoring implements may be each associated with a separate advertisement selection service 240.1-240.N and/or 241. After forwarding the interstitial web page to the internet user client, the network service provider forwards the web content, originally associated with the HTTP transaction, to the internet user client (step 830).

A web content request may include search terms directed to an internet search engine, and the monitoring implement may cause the internet user client to forward the search terms to an associated advertisement selection service. The search terms may be used to derive a profile of a user associated with the internet user client. Further, a first monitoring implement may include a first web bug and/or cookie associated with a first advertisement selection service, and a second monitoring implement may include a second web bug and/or cookie associated with a second advertisement selection service. Each web bug may be referenced with a URL having embedded parameters related to the user associated with the internet user client.

An advertisement selection service may select targeted advertising web content for presentation by the internet user client based on at least one parameter, 330 and 340, from a monitoring implement of the network service provider 220.1, and based on at least one parameter from a monitoring implement of another network service provider 220.2.

Another specific embodiment of the present invention may be embodied in an internet traffic monitoring method 900 including a network service provider 220.1-220.2 analyzing a web content request from an internet user client 211.1-212.N (step 910). The network service provider intercepts the requested web content, and customizes the requested web content (step 920). The customized web content includes the requested web content which has been modified by the network service provider to include at least one web content request monitoring implement, 520.1-520.N and 521.1-521.N. The network service provider then forwards the customized web content to the internet user client (step 930).

The present invention enables a NSP to send user information to participating AN and ITMs. This is done by inserting a web page containing web bugs from participating AN and ITMs before showing the originally requested web page. Web bugs on the inserted page capture URL information for the AN (such as an Ad Server AS) who then subsequently can tailor the ads they serve to users' interest as shown by the web pages they select and the searches they make. ITMs could use the invention in a similar fashion to track user web traffic. Common industry practice for web servers is to place their web bugs on many web sites, but with this invention, they can track user web traffic even on sites that don't have the AN's cookies already embedded on the web pages.

The present invention also may be embodied in an internet traffic monitoring system for a network service provider. The system may have means, such as a computer, for performing the method steps. Alternatively, the present invention may be embodied in computer program product having computer readable medium 222.1-222.2 including code for causing a computer to perform the method steps.

The steps of a method described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In the alternative, the processor and the storage medium may reside as discrete components in a user terminal.

In one or more exemplary embodiments, the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software as a computer program product, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.

While the invention has been illustrated and described in detail in the drawing and foregoing description, it should be understood that the invention may be implemented through alternative embodiments within the spirit of the present invention. Thus, the scope of the invention is not intended to be limited to the illustration and description in this specification, but is to be defined by the appended claims. 

1. An internet traffic monitoring method, comprising: a network service provider analyzing an HTTP transaction involving an internet user client; the network service provider responding to the HTTP transaction by forwarding, to the internet user client, an interstitial web page including at least one monitoring implement; and after forwarding the interstitial web page to the internet user client, the network service provider forwarding the web content, originally associated with the HTTP transaction, to the internet user client.
 2. An internet traffic monitoring method as defined in claim 1, wherein the HTTP transaction involves a web content request that includes search terms directed to an internet search engine, and wherein the monitoring implement causes the internet user client to forward the search terms to an associated advertisement selection service.
 3. An internet traffic monitoring method as defined in claim 1, wherein the interstitial web page includes at least two monitoring implements which are each associated with a separate advertisement selection service.
 4. An internet traffic monitoring method as defined in claim 3, wherein the monitoring implements comprise at least first and second web bugs.
 5. An internet traffic monitoring method as defined in claim 4, wherein the first web bug is referenced with a URL having embedded parameters related to the user associated with the internet user client.
 6. An internet traffic monitoring method as defined in claim 3, wherein the web content request monitoring implements comprise at least first and second cookies.
 7. An internet traffic monitoring method as defined in claim 3, wherein monitoring implements comprise a web bug associated with a first advertisement selection service, and a cookie associated with a second advertisement selection service.
 8. An internet traffic monitoring method as defined in claim 1, wherein an advertisement selection service selects targeted advertising web content for presentation by the internet user client based on at least one parameter from a monitoring implement included in an interstitial web page forwarded by the network service provider.
 9. An internet traffic monitoring method as defined in claim 1, wherein an advertisement selection service selects targeted advertising web content for presentation to the internet user client based on at least one parameter from a monitoring implement included in an interstitial web page forwarded by the network service provider, and based on at least one parameter from a monitoring implement included in an interstitial web page forwarded by another network service provider in response to a separate HTTP transaction.
 10. An internet traffic monitoring system for a network service provider, comprising: means for analyzing an HTTP transaction involving an internet user client; means for responding to the HTTP transaction by forwarding, to the internet user client, an interstitial web page including at least one monitoring implement; and means for forwarding web content, originally associated with the HTTP transaction, to the internet user client after forwarding the interstitial web page.
 11. A computer program product, comprising: computer readable medium including: code for causing a computer to analyze an HTTP transaction involving an internet user client; code for causing a computer to respond to the HTTP transaction by forwarding, to the internet user client, an interstitial web page including at least one monitoring implement; and code for causing a computer to forward web content, originally associated with the HTTP transaction, to the internet user client after forwarding the interstitial web page.
 12. An internet traffic monitoring method, comprising: a network service provider analyzing a web content request from an internet user client; the network service provider intercepting the requested web content and customizing the requested web content, wherein the customized web content includes the requested web content which has been modified by the network service provider to include at least one monitoring implement; and the network service provider forwarding the customized web content to the internet user client.
 13. An internet traffic monitoring method as defined in claim 12, wherein the web content request includes search terms directed to an internet search engine, and wherein the monitoring implement causes the internet user client to forward the search terms to an associated advertisement selection service.
 14. An internet traffic monitoring method as defined in claim 12, wherein the customized web content includes at least two monitoring implements which are each associated with a separate advertisement selection service.
 15. An internet traffic monitoring method as defined in claim 14, wherein the monitoring implements comprise at least first and second web bugs.
 16. An internet traffic monitoring method as defined in claim 15, wherein the first web bug is referenced with a URL having embedded parameters related to the user associated with the internet user client.
 17. An internet traffic monitoring method as defined in claim 14, wherein the monitoring implements comprise at least first and second cookies.
 18. An internet traffic monitoring method as defined in claim 14, wherein the monitoring implements comprise a web bug associated with a first advertisement selection service, and a cookie associated with a second advertisement selection service.
 19. An internet traffic monitoring method as defined in claim 14, wherein an advertisement selection service selects targeted advertising web content for presentation by the internet user client based on at least one parameter from a monitoring implement included in customized web content forwarded by the network service provider.
 20. An internet traffic monitoring method as defined in claim 14, wherein an advertisement selection service selects targeted advertising web content for presentation to the internet user client based on at least one parameter from a monitoring implement included in customized web content forwarded by the network service provider, and based on at least one parameter from a monitoring implement included in customized web content forwarded by another network service provider in response to a separate web content request.
 21. An internet traffic monitoring system for a network service provider, comprising: means for analyzing a web content request from an internet user client; means for intercepting the requested web content and customizing the requested web content, wherein the customized web content includes the requested web content which has been modified by the network service provider to include at least one monitoring implement; and means for forwarding the customized web content to the internet user client.
 22. A computer program product, comprising: computer readable medium including: code for causing a computer to analyze a web content request from an internet user client; code for causing a computer to intercept the requested web content and customize the requested web content, wherein the customized web content includes the requested web content which has been modified by the network service provider to include at least one monitoring implement; and code for causing a computer to forward the customized web content to the internet user client. 